Rivian is on a mission to keep the world adventurous forever. This goes for the emissions-free Electric Adventure Vehicles we build, and the curious, courageous souls we seek to attract.
\n\n
As a company, we constantly challenge what’s possible, never simply accepting what has always been done. We reframe old problems, seek new solutions and operate comfortably in areas that are unknown. Our backgrounds are diverse, but our team shares a love of the outdoors and a desire to protect it for future generations.
Role Summary
As a Senior Privilege Access Management (PAM), you will play a key role in designing, implementing, and managing privileged access controls to safeguard critical systems and data. You will be responsible for ensuring the effective and secure management of privileged accounts, access rights, and workflows across the organization.
Responsibilities
- \n
- PAM Solution Design and Implementation: Design, architect, and implement privilege access management solutions, focusing on technologies like BeyondTrust or other PAM solutions. Assess business requirements, identify system vulnerabilities, and develop strategies to protect privileged accounts and access. \n
- Privileged Account Management: Manage the lifecycle of privileged accounts, including provisioning, deprovisioning, and access reviews. Establish access controls, policies, and procedures to mitigate the risk associated with privileged accounts. Monitor and enforce privileged access management policies. \n
- IAM Integration: Integrate privilege access management solutions with existing Identity and Access Management (IAM) systems and processes. Collaborate with IAM teams to ensure a cohesive and comprehensive approach to access control and security. \n
- Cybersecurity and Risk Management: Assess cybersecurity risks related to privileged access and develop strategies to mitigate those risks. Stay updated with the latest cybersecurity threats and industry best practices. Conduct periodic risk assessments and vulnerability scans to identify and address potential vulnerabilities. \n
- Code Development and Automation: Develop custom scripts, tools, and automation workflows to streamline privileged access management processes. Automate repetitive tasks, implement role-based access controls, and enhance operational efficiency \n
- Incident Response and Forensics: Provide support during security incidents related to privileged accounts. Collaborate with incident response teams to investigate security breaches and perform forensic analysis of compromised accounts. Recommend and implement measures to prevent future incidents. \n
- Documentation and Reporting: Create and maintain documentation, including design specifications, configuration guides, and standard operating procedures. Generate reports on privileged access management activities, including access requests, approvals, and entitlements. \n
- Collaboration and Training: Collaborate with cross-functional teams, including IT, cybersecurity, and compliance, to ensure alignment and adherence to privileged access management policies and procedures. Conduct training sessions and awareness programs for end-users and system administrators. \n
- Continuous Improvement: Continuously assess and enhance the privilege access management program. Identify opportunities for process improvements, system optimization, and automation. Stay updated with industry trends and emerging technologies in privileged access management. \n
Qualifications
- \n
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field. \n
- At least 5 years of experience as a Privilege Access Management Engineer or similar role, with a focus on IAM and Cybersecurity. \n
- Strong understanding of privileged access management concepts, principles, and best practices. \n
- Experience with Beyond Insight applications like Password Safe, Secret Safe, EPM or similar PAM solutions. \n
- Proficient in coding and scripting languages such as Python, PowerShell, or Shell scripting. \n
- Solid knowledge of IAM technologies, protocols, and standards (e.g., LDAP, SAML, OAuth). \n
- Familiarity with cybersecurity frameworks (e.g., NIST Cybersecurity Framework, ISO 27001) and compliance requirements. \n
- Excellent problem-solving and analytical skills, with the ability to assess risks and provide effective solutions. \n
- Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams. \n
- Self-motivated and driven to stay updated with the latest IAM and cybersecurity trends and technologies. \n
- CISSP, CISM, or other relevant certifications are a plus. \n
Equal Opportunity
\nRivian is an equal opportunity employer and complies with all applicable federal, state, and local fair employment practices laws. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, ancestry, sex, sexual orientation, gender, gender expression, gender identity, genetic information or characteristics, physical or mental disability, marital/domestic partner status, age, military/veteran status, medical condition, or any other characteristic protected by law.
\n\n
Rivian is committed to ensuring that our hiring process is accessible for persons with disabilities. If you have a disability or limitation, such as those covered by the Americans with Disabilities Act, that requires accommodations to assist you in the search and application process, please email us at candidateaccommodations@rivian.com.
\nCandidate Data Privacy
\nRivian may collect, use and disclose your personal information or personal data (within the meaning of the applicable data protection laws) when you apply for employment and/or participate in our recruitment processes (“Candidate Personal Data”). This data includes contact, demographic, communications, educational, professional, employment, social media/website, network/device, recruiting system usage/interaction, security and preference information. Rivian may use your Candidate Personal Data for the purposes of (i) tracking interactions with our recruiting system; (ii) carrying out, analyzing and improving our application and recruitment process, including assessing you and your application and conducting employment, background and reference checks; (iii) establishing an employment relationship or entering into an employment contract with you; (iv) complying with our legal, regulatory and corporate governance obligations; (v) recordkeeping; (vi) ensuring network and information security and preventing fraud; and (vii) as otherwise required or permitted by applicable law.
\n\n
Rivian may share your Candidate Personal Data with (i) internal personnel who have a need to know such information in order to perform their duties, including individuals on our People Team, Finance, Legal, and the team(s) with the position(s) for which you are applying; (ii) Rivian affiliates; and (iii) Rivian’s service providers, including providers of background checks, staffing services, and cloud services.
\n\n
Rivian may transfer or store internationally your Candidate Personal Data, including to or in the United States, Canada, the United Kingdom, and the European Union and in the cloud, and this data may be subject to the laws and accessible to the courts, law enforcement and national security authorities of such jurisdictions.
\n\n
Please note that we are currently not accepting applications from third party application services.